Mobile

10/24/2017
01:30 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Samsung SDS America Adds BioCatch Behavioral Biometrics to Nexsign Platform to Enable Secure, Frictionless Mobile Experiences

Groundbreaking Fintech Partnership Addresses Market Demand For Continuous, Strong Identity Assurance Within Mobile Banking and Payment Applications

NEW YORK, NY (October 23, 2017) – BioCatch, the global leader in behavioral biometrics, announced today that it has teamed up with Samsung SDS, a global software solutions and IT services company, to integrate behavioral biometrics into its solution, creating an innovative, more powerful layer of fraud protection that works beyond the initial login process. The strategic partnership was made public during this year’s Money 20/20 conference in Las Vegas, NV.

BioCatch’s unique technology will be integrated into and complement Nexsign, Samsung SDS’s FIDO-certified, enterprise-grade biometric authentication software. The integration will fill the major security loopholes exposed when seamless interfaces of today’s most popular mobile applications don’t require a user to login multiple times to validate their identity.  BioCatch will use risk-based authentication to continuously monitor Samsung SDS’ users by mapping their behavioral patterns after log-in, to better distinguish between an authorized user, and that of an unauthorized user or an automated BOT or malware.

“Innovations in fintech have given ease to day-to-day tasks such as, banking, transactions, withdrawals and money transfers. Today’s leading brands have made managing finances a social and adoptable experience matching today’s digitally savvy consumers,” said Eyal Goldwerger, Chief Executive Officer at BioCatch. “However, given how sophisticated fraudsters are today, the consumer-grade authentication protocols that exist leave open the real possibility of account takeovers. In fact, all the fraud that BioCatch finds today, comes from within authenticated sessions, prompted by malware, social engineering and other sophisticated attacks that circumvent the login method entirely. As a result, security continues to be a major factor holding back the full potential of mobile banking and payments, especially when taking into consideration the equally important demand for a seamless user experience. Through Nexsign and our partnership, Samsung has created the platform that resolves this constant battle.”

Adding BioCatch behavioral biometrics complements the FIDO framework. The technology validates users by who they are via their interactions with an online application, rather than by what they know (e.g., passwords or security questions). At its core, the system analyzes more than 500 different behavioral parameters during a session to determine whether the user is in fact the genuine user and not a human imposter, malware or a bot. Now, once a user logs onto a mobile app, the system will be able to recognize if the session has been hijacked, and will require a step-up authentication, or an additional biometric test in order to complete the transaction. This could require the user to present one or more biometric modalities, such as fingerprint coupled with face or voice, depending on the transaction amount.

“The vision of Nexsign is to make passwords obsolete and give users a way to authenticate themselves safely and securely with biometrics. While physical biometrics provide an excellent way to do this at login, and other points within the app through step-up authentication, behavioral biometrics is the perfect complement to provide continuous authentication inside a session.  The BioCatch technology relies on a broad array of parameters, and is able to detect both human and non-human imposters inside a session that would otherwise be impossible to identify with traditional means. We are excited for this partnership and the combined offering that we can deliver to our customers,” said Richard Lobovsky, VP of Enterprise Solutions at Samsung SDS America.

Companies are relying on ineffective passwords or two-factor authentication by phone call, or text push notification to better validate users and are still being hacked.  The average fraudulent transaction is currently priced at around $130 for mobile transactions and $115 for tablets. Additionally, 55 percent of consumers use the same passwords for online banking, emails and social media accounts making it easier for fraudsters to guess the user’s credentials, bypassing authentication steps and other login defenses. This strategic partnership between two industry leaders will seek to minimize that impact.

 

About BioCatch

BioCatch is a cybersecurity company that delivers behavioral biometrics analyzing human-device interactions to protect users and data. Banks and other enterprises use BioCatch to significantly reduce online fraud and protect against a variety of cyber threats, without compromising the user experience. With an unparalleled patent portfolio and deployments at major banks around the world that cover tens of millions of users to date, BioCatch has established itself as the industry leader. For more information, please visit www.biocatch.com.

 

About Samsung SDS America

Samsung SDS America (SDSA) is the U.S. subsidiary of Samsung SDS, a global IT solutions company. SDSA provides purpose-built technology solutions in the areas of enterprise mobility, security, advanced analytics, mobile sales productivity, and training. We enable our customers in the public sector, finance, retail, and other industries to achieve greater freedom, more operational efficiency, and smarter decision making as the driving force for their competitive advantage. SDSA is headquartered in Ridgefield Park, NJ, with offices in Herndon, VA, and San Jose, CA. For more information on Samsung SDS Nexsign, please email [email protected]

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
WebAuthn, FIDO2 Infuse Browsers, Platforms with Strong Authentication
John Fontana, Standards & Identity Analyst, Yubico,  9/19/2018
NSS Labs Files Antitrust Suit Against Symantec, CrowdStrike, ESET, AMTSO
Kelly Jackson Higgins, Executive Editor at Dark Reading,  9/19/2018
Turn the NIST Cybersecurity Framework into Reality: 5 Steps
Mukul Kumar & Anupam Sahai, CISO & VP of Cyber Practice and VP Product Management, Cavirin Systems,  9/20/2018
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: Are you sure this is how we get our data into the cloud?
Current Issue
Flash Poll
The Risk Management Struggle
The Risk Management Struggle
The majority of organizations are struggling to implement a risk-based approach to security even though risk reduction has become the primary metric for measuring the effectiveness of enterprise security strategies. Read the report and get more details today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2018-14633
PUBLISHED: 2018-09-25
A security flaw was found in the chap_server_compute_md5() function in the ISCSI target code in the Linux kernel in a way an authentication request from an ISCSI initiator is processed. An unauthenticated remote attacker can cause a stack buffer overflow and smash up to 17 bytes of the stack. The at...
CVE-2018-14647
PUBLISHED: 2018-09-25
Python's elementtree C accelerator failed to initialise Expat's hash salt during initialization. This could make it easy to conduct denial of service attacks against Expat by contructing an XML document that would cause pathological hash collisions in Expat's internal data structures, consuming larg...
CVE-2018-10502
PUBLISHED: 2018-09-24
This vulnerability allows local attackers to escalate privileges on vulnerable installations of Samsung Galaxy Apps Fixed in version 4.2.18.2. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exist...
CVE-2018-11614
PUBLISHED: 2018-09-24
This vulnerability allows remote attackers to escalate privileges on vulnerable installations of Samsung Members Fixed in version 2.4.25. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists wit...
CVE-2018-14318
PUBLISHED: 2018-09-24
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Samsung Galaxy S8 G950FXXU1AQL5. User interaction is required to exploit this vulnerability in that the target must have their cellular radios enabled. The specific flaw exists within the handling of ...